I logged in this morning to find my balance was zero.. So I thought there were some kind of site problems.. Than I checked my account and evrything was lost on pioker. Checked my security and someone logged in to my account form the UK.. I live in the Netherlands.. 1500 euro's are gone. Send an inquiry to Betfair hoping the can help me out. has abnyone ever faced this? I'm completely in shock..
It will be fairly clear if the money has been passed across poker accounts to someone else. If I were you, I'd change your password to something new, and good. 10 characters: letters, numbers and not based on a real word.
It will be fairly clear if the money has been passed across poker accounts to someone else. If I were you, I'd change your password to something new, and good. 10 characters: letters, numbers and not based on a real word.
Surely it's about time betfair started taking the security side of things a bit more serious, they even removed the option to deny logins from outside your own country for some reason.
Threads like these pop up every now and then but nothing ever seems to be done
Surely it's about time betfair started taking the security side of things a bit more serious, they even removed the option to deny logins from outside your own country for some reason.Threads like these pop up every now and then but nothing ever seem
I also got hacked 3 weeks ago,first time they used my funds to bet with and won £3,000 approx then found an obscure market and bet with an accomplice to transfer the money to a seperate account. When i logged in the next day (using gruss) my account was the excact same amount as the previous day, later on that evening after I had logged out they cleared me out using an icelandic football market of £4,000 approx so I logged in and had a balance of 54pence. Luckily I reported it within the 12 hour window and betfair`s fraud dept managed to recover £3,300.I still cant believe it happened and still cant work out how, by the way i am in the U>K and this happened in europe. since then I have been trying to think of ways to make my account safer ,apart from the obvious, but I feel Betfair are not extremely helpful regarding this.
I also got hacked 3 weeks ago,first time they used my funds to bet with and won £3,000 approx then found an obscure market and bet with an accomplice to transfer the money to a seperate account. When i logged in the next day (using gruss) my account
missle' thats worrying. in a forum chat last year betfair did promise to improve security logon.
Maybe "betfair community manager 2" might read this thread and give some feedback. I understand he is good for getting feedback.
missle' thats worrying. in a forum chat last year betfair did promise to improve security logon. Maybe "betfair community manager 2" might read this thread and give some feedback. I understand he is good for getting feedback.
Mr.Angry 22 Aug 11 11:35 Joined: 05 Jan 11 | Topic/replies: 695 | Blogger: Mr.Angry's blog Contact Betfair immediately. bf_fanatic may be able to help too.
Mr.Angry22 Aug 11 11:35 Joined: 05 Jan 11 | Topic/replies: 695 | Blogger: Mr.Angry's blogContact Betfair immediately.bf_fanatic may be able to help too.
I've been watching this thread and ensuring that it is also seen by those looking into this.
If I can offer anything useful by way of feedback, I'll definitely do so.
Hi HazelI've been watching this thread and ensuring that it is also seen by those looking into this.If I can offer anything useful by way of feedback, I'll definitely do so.
It has basically forced me to check my account statement and "my security" log ins day & night.Even when I have a non gambling day I log in to make sure nothing untoward has happened. Obviously password changes have become the norm rather than the exception. I asked Betfair if I could set a daily loss limit of £1,000 to give me slightly better protection but was informed this was not possible. I find it unsettling that I can log in & out from the U.k but a few hours later someone can log in from mainland Europe and "play" around with my funds,surely there could be procedures in place for this not to happen,alas to no avail. I use one computer for all my betting, can something be put in place to prevent another ip address from accessing my account,again to no avail. I suppose the best way would be I transfer in & out funds each day but this does not suit my needs and I preferred to keep a high four figure or low five figure amount to do my daily betting.At the moment I have cut this down purely through paranoia.
It has basically forced me to check my account statement and "my security" log ins day & night.Even when I have a non gambling day I log in to make sure nothing untoward has happened.Obviously password changes have become the norm rather than the exc
The probable culprit is spy-ware as there are a lot of nasty apps that invest computers and do a process known as key logging, this means every time you login to anything the app will log your cookie history along with your key presses.
Please make sure you use a good anti-spy ware program along with anti-virus software also use a firewall to prevent others from having access to your computer.
The probable culprit is spy-ware as there are a lot of nasty apps that invest computers and do a process known as key logging, this means every time you login to anything the app willlog your cookie history along with your key presses. Please make su
Have you entered your password into other softwares that use the betfair exchange as I have heard some concerns that this information passed through other applications could go astray possibility.
Has anyone used your account at anytime other than yourself?
Have you entered your password into other softwares that use the betfair exchange asI have heard some concerns that this information passed through other applications could goastray possibility.Has anyone used your account at anytime other than yours
I cant see why extra security couldn't be used by designers to allocate that you only use accounts from designated ip addresses as this is much more secure than having a roaming address on the internet for logging on
I cant see why extra security couldn't be used by designers to allocate that you only use accounts fromdesignated ip addresses as this is much more secure than having a roaming address on the internetfor logging on
bf_fananatic ..I usually use gruss to enter betfair and have done so for about 4 years,I agree about the designated ip addresses however, whenever my wireless connection updates or resets I get a new address so not sure how this would affect this.
bf_fananatic ..I usually use gruss to enter betfair and have done so for about 4 years,I agree about the designated ip addresses however, whenever my wireless connection updates or resets I get a new address so not sure how this would affect this.
You can get staic ip addresses as used by all shops for things like banking machines and online services, most home internet is dynamic address which does change frequently, if you get a stic ip address you could ask betfair if they could only allow this address for you account, not sure if thats possible but it could be worth looking into in your case.
I have a gruss account also as its so good an app and doubt there is any problem there as there api approved and not on the beware list, i recently installed zoom bets on my smart phone but against advice from a reviewer who said beware of this product but everybody else said "wow what a cool app" so I couldn't resist trying it and its very good.
Changing your password frequently seems to be the best bet and after the dreadful experience you have been through which I feel sorry for you I will do the same in the future.
You can get staic ip addresses as used by all shops for things like banking machines and onlineservices, most home internet is dynamic address which does change frequently, if you get a stic ip address you could ask betfair if they could only allow t
As I posted on another thread which BCM2 may not be watching: Betfair could: Only allow access to betfair from a country or far better a single IP for anyone with a static IP, to enable another IP when you try to log on from one, you must enter a second level password, ideally via drop downs like banks do. Not difficult, massive increase in security. A variation of this would be to allow IPs that match a certain pattern, e.g. X.X.*.* so only the dynamic IPs from a users ISP could be allowed, which helps people without a static IP.
As you'd normally be on your own computer you'd never / or just very very rarely need really to enter the second level password to get access from a new IP, so any keylogger would really struggle get it. It's effectively self double locking - you never really enter that password and they can't do anything without the password. And any time it was activated perhaps it would send you an email, which could even have a third tier lock that you have to click a link to activate it, which is a very common thing that even noddy little sites do to activate you.
Another idea is to allow transfers to a secure internal bank for each account that again requires another second level password to access it (again using the drop down method to beat keyloggers), so you're only betting with amounts you intend to that day. When not actively betting, you just shift your money in there for piece of mind. An awful lot of online banks etc now do similar, one password to log on, another to enable "dangerous" stuff. Having a second internal safety account also protects users to some extent from themselves, as anything in there is safe from accidentally doing a stupid bet etc by misplacing a digit etc. Although this is secondary, it's still not a good thing.
As I posted on another thread which BCM2 may not be watching:Betfair could:Only allow access to betfair from a country or far better a single IP for anyone with a static IP, to enable another IP when you try to log on from one, you must enter a secon
Just Checking -those ideas are worth looking at. I suspect betfair have been looking at such ideas. Given that some clients may have 4, 5, 6 or even 7 figure balances you would expect security equivalent to that of a bank. Currently Betfair fail to meet the high banking standards of security for logon.
Unfortunatley they seem happy with the situation, having posted in their customer commitment:
"Update - August 2011: We received PCI-DSS recertification as a Level 1 Payment Provider in June 2011. This is the highest level and is for merchants processing over 6 million card transactions annually. The PCI Security Standards Council offers robust and comprehensive standards to enhance payment card data security. The Data Security Standard (DSS) covers how Betfair prevents, detects and reacts to security incidents."
Just Checking -those ideas are worth looking at. I suspect betfair have been looking at such ideas. Given that some clients may have 4, 5, 6 or even 7 figure balances you would expect security equivalent to that of a bank. Currently Betfair fail t
I would urge everybody to at least check My Security on a regular basis. I was shocked earlier in the year to find somebody had tried to access my account from Russia.
Fair play to BF who sorted me out a new account within the day but it was all a bit worrying nonetheless.
What about exclusions from Poker and even those sports we never bet on which can only be changed via a different password for example?
All suggestions about extra security are very welcome and should be taken seriously by BF as there are often threads similar to this appearing and I know of one person who lost money and never got it back. No doubt the BF fraud dept will do what they can to get your funds back but essentially it is tough shyte if they can't do anything.
I would urge everybody to at least check My Security on a regular basis. I was shocked earlier in the year to find somebody had tried to access my account from Russia.Fair play to BF who sorted me out a new account within the day but it was all a bi
(1) Drop down menu for password submission. (2) Optional security token (such as a card reader type device). (3) Optional IP address restrictions.
The suggestion for a security token was made, at least, as far back as February 2010 (see the relevant Forum Q&A). The response provided by the bf representative at that time was encouraging but I haven't seen any updates to indicate that much progress has been made in this area.
You can already self-exclude from poker, arcade, casino and games.
The Vis & BCM2, Suggestions (that I support):(1) Drop down menu for password submission.(2) Optional security token (such as a card reader type device).(3) Optional IP address restrictions.The suggestion for a security token was made, at least, as fa
Just doing dropdown for the main password doesn't help any third party applications (which could already be doing that today if they wanted to). A second password(s) you rarely enter in effect means using betfairs web site to control 'advanced' stuff (IP security / internal secure bank / whatever) means those applications don't actually need changed, yet security can be enhanced within betfairs control whenever they want tommorow, and is still secure if your main password somehow gets nabbed by some hacked mobile phone application or whatever.
Just doing dropdown for the main password doesn't help any third party applications (which could already be doing that today if they wanted to). A second password(s) you rarely enter in effect means using betfairs web site to control 'advanced' stuff
It would be easy for Betfair to implement some kind of extra security, but I don't think they really care as they have said nothing on this issue the last couple of years. They even removed the option we had to restrict access from either countries/regions of our choice or anywhere else than your home country. As far as I know they didn't even bother giving us the reason for removing this option.
It would be easy for Betfair to implement some kind of extra security, but I don't think they really care as they have said nothing on this issue the last couple of years. They even removed the option we had to restrict access from either countries/
Your suggestion does provide greater security. However, using a drop down menu to submit a random selection of characters from your main password itself greatly reduces the probability of your entire password being nabbed and your account thus being hacked.
Just Checking,Your suggestion does provide greater security. However, using a drop down menu to submit a random selection of characters from your main password itself greatly reduces the probability of your entire password being nabbed and your accou
Oh I'm not against it JT45, what I'm saying is that alone only helps in one particular aspect, an aspect that they can directly control, and if someone can get it from a phone app or whatever means, if nothing else changes, you're just as goosed as you'd be today.
Oh I'm not against it JT45, what I'm saying is that alone only helps in one particular aspect, an aspect that they can directly control, and if someone can get it from a phone app or whatever means, if nothing else changes, you're just as goosed as y
- I'm not versed on how encryption works between a third party API (i.e. gruss) and betfair but some of the threads have mentioned they use something like that which would need your betfair account to log.
- I was in an internet cafe the other day because we were moving. I had to move some money and went to use the bank site. It became apparent that there was spyware (hard to describe but as I typed anything, it became lumbered and delayed. When I left the bank site, it was fine) so I didn't log on.
- A friend of mine has told me to disable bluetooth on my phone since it takes a millisecond to put a virus in your phone. In the states, they hang around at race tracks.
- It would also help if betfair allowed you to opt out of certain types of betting (i.e. poker) and you need to phone up to change this. As well, if someone did try to use poker and the user had opted out, it would be an excellent flag for the security room to look a the account activity.
My advice - until betfair come up with a token system or drop down, come up with a new password as often as you can.
A couple of observations:- I'm not versed on how encryption works between a third party API (i.e. gruss) and betfair but some of the threads have mentioned they use something like that which would need your betfair account to log.- I was in an intern
Shapeshifter you can already exclude yourself from poker just go to My Profile -> player protection and opt out if you don't use it
View/edit player protection settings for: Arcade Casino Games Poker Skill & Dice
Most of the fraud I've seen seems to be where the balance has been dumped via poker
Shapeshifter you can already exclude yourself from poker just go to My Profile -> player protection and opt out if you don't use itView/edit player protection settings for: ArcadeCasinoGamesPoker Skill & DiceMost of the fraud I've seen seems to b
ics i believe you may find reports on the internet that virtual keyboards are a security risk themselves.
entering the 4th, 1st and 9th digit of your password is used by many banks. but this is only one aspect of their improved security.
I have been banging on for years the weaknesses in their "forgot password " procedure.
Betfair have not improved their front line security for logon since I first bet here over 10 years ago.
ics i believe you may find reports on the internet that virtual keyboards are a security risk themselves.entering the 4th, 1st and 9th digit of your password is used by many banks. but this is only one aspect of their improved security.I have been ba
inner city sumo Kaspersky comes with a virtual keyboard, useful for entering passwords. Does this mean that a keylogger would not be able to recognise keys pressed?
inner city sumoKaspersky comes with a virtual keyboard, useful for entering passwords. Does this mean that a keylogger would not be able to recognise keys pressed?
They're not perfect, but they are an upgrade on keystrokes alone, and any relatively little thing you can do to make it that little bit harder has to be worth doing.
The most sophisticated loggers can track information on the basis of screen image and movement, so in those circumstances you're screwed!
They're not perfect, but they are an upgrade on keystrokes alone, and any relatively little thing you can do to make it that little bit harder has to be worth doing. The most sophisticated loggers can track information on the basis of screen image an
betfairs response to my query re limiting ip address log ins " Thank you for your e-mail.
Please note that it is not possible to restrict access to your account from one IP address. As long as you are using an anti spyware and anti virus software on a regular basis and you also change your password on a regular basis, you should not experience any issues with your account."
betfairs response to my query re limiting ip address log ins"Thank you for your e-mail.Please note that it is not possible to restrict access to your account from one IP address. As long as you are using an anti spyware and anti virus software on a r
"Please note that it is not possible to restrict access to your account from one IP address. As long as you are using an anti spyware and anti virus software on a regular basis and you also change your password on a regular basis, you should not experience any issues with your account."
That is a pretty poor response. Banks expect you to have uptodate virus checker etc, but they do do their bit by making their sites as secure as possible by adding extra lines of security. I would be very surprised if any bank today relied up mere username/password for security.
"Please note that it is not possible to restrict access to your account from one IP address. As long as you are using an anti spyware and anti virus software on a regular basis and you also change your password on a regular basis, you should not expe
There are online bookies who log you out and display a message if you log in for a second time even in another window from the same computer(SBO for one). I wonder if that is something which could be explored by betfair. It may help in a small way although I should think there are a lot of potential issues with it given the different ways people use the site.
I would also suggest anyone who doesn't play poker should self exclude themselves from poker as that is a possible way of these criminals transferring your funds. May as well do so for the other non exchange parts of the site too as I have heard of people being hacked and just having their cash burnt on the casino.
Which anti spyware do people recommend, I hear good things about superantispyware.
There are online bookies who log you out and display a message if you log in for a second time even in another window from the same computer(SBO for one). I wonder if that is something which could be explored by betfair. It may help in a small way al
when I was hacked I was told it was good news that I got most of my money back (apart from the £700) as ,and I quote "usually when this happens people get nothing back as the hackers maliciously gamble away the funds" that is scary!!
when I was hacked I was told it was good news that I got most of my money back (apart from the £700) as ,and I quote "usually when this happens people get nothing back as the hackers maliciously gamble away the funds" that is scary!!
I think I am right in saying that banks have to prove you were at fault otherwise they have to take the loss, thats why they have good security features. Whereas Betfair make the client take the loss. Thats probably why they seem indifferent about improving the site security.
that is scary missel'I think I am right in saying that banks have to prove you were at fault otherwise they have to take the loss, thats why they have good security features. Whereas Betfair make the client take the loss. Thats probably why they se
The probable culprit is spy-ware as there are a lot of nasty apps that invest computers and do a process known as key logging, this means every time you login to anything the app will log your cookie history along with your key presses.
Please make sure you use a good anti-spy ware program along with anti-virus software also use a firewall to prevent others from having access to your computer.
I have all these.. I don't have clue as to how this could have happened? Helpdesk says the fraud team will get back with me rather shortly now..
The probable culprit is spy-ware as there are a lot of nasty apps that invest computers and do a process known as key logging, this means every time you login to anything the app willlog your cookie history along with your key presses. Please make su
inner city sumo 22 Aug 11 18:21 Kaspersky comes with a virtual keyboard, useful for entering passwords.
im using kaspersky where do i find the virtual keyboard
inner city sumo 22 Aug 11 18:21 Kaspersky comes with a virtual keyboard, useful for entering passwords.im using kaspersky where do i find the virtual keyboard
With regard to Gruss (and other API software) apparently when the user looks at price graphs the account password is resubmitted, so if you look at a graph say once every 5 minutes your password is submitted every time.
How safe that is I don't know, but I'm wondering if it's a possible weak link in our security? Any software experts on the thread?
------------
I've suggested before that it might be simple to have a unique PIN texted to your mobile phone when you log on, paypal do this, but then I guess problems would arise every time you click on a price graph unless the constant password requirement could be altered.
With regard to Gruss (and other API software) apparently when the user looks at price graphs the account password is resubmitted, so if you look at a graph say once every 5 minutes your password is submitted every time.How safe that is I don't know,
the silverback Date Joined: 28 May 07 Add contact | Send message When: 22 Aug 11 18:53 Joined: Date Joined: 28 May 07 | Topic/replies: 2,328 | Blogger: the silverback's blog There are online bookies who log you out and display a message if you log in for a second time even in another window from the same computer(SBO for one). I wonder if that is something which could be explored by betfair. It may help in a small way although I should think there are a lot of potential issues with it given the different ways people use the site.
I would also suggest anyone who doesn't play poker should self exclude themselves from poker as that is a possible way of these criminals transferring your funds. May as well do so for the other non exchange parts of the site too as I have heard of people being hacked and just having their cash burnt on the casino.
Which anti spyware do people recommend, I hear good things about superantispyware.
Yes, someone accessed my email account from Mexico once, and after getting an automatic message pop up in my email account, I was able to quickly change the password etc, as well as check that nothing was being forwarded etc.
the silverbackDate Joined: 28 May 07Add contact | Send messageWhen: 22 Aug 11 18:53Joined:Date Joined: 28 May 07| Topic/replies: 2,328 | Blogger: the silverback's blogThere are online bookies who log you out and display a message if you log in for a
DivideByZeroError 22 Aug 11 23:07 Joined: 18 Jul 07 | Topic/replies: 12 | Blogger: DivideByZeroError's blog One tip is to enter the wrong password intentionally a couple of times.
I read this from an article writen by an ex-hacker
Can you give a few more details on why this a benefit Divide?
DivideByZeroError22 Aug 11 23:07 Joined: 18 Jul 07 | Topic/replies: 12 | Blogger: DivideByZeroError's blogOne tip is to enter the wrong password intentionally a couple of times.I read this from an article writen by an ex-hackerCan you give a few more
If you are infected with a keylogger then it might be easy for it to spot your login details from the pattern of keystrokes, for example if you always type a web address hit enter and then username, tab, password and enter.
Entering the incorrect password makes it harder for the keylogger to spot the pattern. Of course I'm sure that smarter systems could still spot the password amongst the keystrokes but at least it adds in a small way to the difficulty of spotting your password.
I searched for the original article but couldn't find it, sorry. The interviewee was applying the approach to credit card numbers - it must be easy to spot a sequence of 16 digits being typed in.
Thanks to WPlay for starting this thread - which is a bit of a wake up call. I hope that the cash is recovered.
If you are infected with a keylogger then it might be easy for it to spot your login details from the pattern of keystrokes, for example if you always type a web address hit enter and then username, tab, password and enter.Entering the incorrect pass
Was hoping wplay had an answer by now...the problem with the contents discussed in this thread is it will be forgotten until someone else is affected...Every site I am a member of that involves large amounts of monies has far more security than betfair which seems to have the equivalent of lovefilm.com.One of the replies I received from customer services stated, that the problems must be with its users because betfair is unhackable..(do me a favour)
Was hoping wplay had an answer by now...the problem with the contents discussed in this thread is it will be forgotten until someone else is affected...Every site I am a member of that involves large amounts of monies has far more security than betfa
Absolutely - this is a massive issue for the reputation of Betfair.
The everyday punter is not going to be happy depositing £50 on here after reading about hacked accounts.
Absolutely - this is a massive issue for the reputation of Betfair.The everyday punter is not going to be happy depositing £50 on here after reading about hacked accounts.
sorry ,I would just like to point out I have nothing against lovefilm.com and do not wish to be derogatory to them by associating their security on a par with betfairs.
sorry ,I would just like to point out I have nothing against lovefilm.com and do not wish to be derogatory to them by associating their security on a par with betfairs.
There are a number of ways that someone could get hold of account details. The bit that concerns me are the number of people who hold your account details other than Betfair.
All of the third party API software providers need to know your account details. MarketFeeder Pro and Fracsoft are two providers I use that know my account details so I can login. I know these organisations are verified by Betfair, and I'm not suggesting they themselves are insecure. However, the thought occurs to me occasionally, what happens if their security is compromised? Or other less reputable providers are at large?
A while ago I discovered whilst digging around looking for violations that Welldone Soft, the writers of MarketFeeder Pro, were regularly (every few seconds or so) communicating with my PC. I enquired what it was about and got the response that it is quite a normal part of using the API. As I say, I'm not suggesting there is anything untoward, but it wouldn't be difficult for an unscrupulous provider to gather more information than is necessary.
I suspect, if I were so minded to get hold of someone's Betfair details, after considering spyware, I would concentrate on the weaker providers. These guys certainly aren't set up like banks (many simply can't afford it, or understand it), and would probably provide the weak link in the chain.
There are a number of ways that someone could get hold of account details. The bit that concerns me are the number of people who hold your account details other than Betfair.All of the third party API software providers need to know your account det
WPlay has had an answer, he has the same thread with title same as this one on the football forum which has been updated (yesterday).
The thread is currently on the second page of the football forum, he basically got 60% of his money back.
misselephantstoneWPlay has had an answer, he has the same thread with title same as this one on the football forum which has been updated (yesterday).The thread is currently on the second page of the football forum, he basically got 60% of his money
thankyou shaneesp, read it ,some good points on the thread as a whole,wplay says he checked his system with various spyware & virus scan but nothing at all has turned up,that is the worrying point for me.
thankyou shaneesp, read it ,some good points on the thread as a whole,wplay says he checked his system with various spyware & virus scan but nothing at all has turned up,that is the worrying point for me.
I think a theory is that wplay might've had his phone hacked not computer, miss.
There was a thread a while ago linking to an article that discussed how the insecurity of phones is an elephant in the room right across any industry that requires security. Puts me off the idea of using one to be honest. It's all the same password of course so if they get it from a phone, they can use it from any computer and do what they want.
One thing to note is the way some browsers can store passwords : I NEVER do that for anything I care about, but I'd certainly recommend against it.
I think a theory is that wplay might've had his phone hacked not computer, miss.There was a thread a while ago linking to an article that discussed how the insecurity of phones is an elephant in the room right across any industry that requires securi
^ That is a plausible explanation that he may have had his phone hacked and not computer. Especially if he has run a virus scan on his system and nothing has turned up. And as you say if they can get a password from a phone they can use it on a computer.
Anyone keeping a large bank on here, it is a concern that anyone could be just a password and a click away from getting into your account.
^ That is a plausible explanation that he may have had his phone hacked and not computer. Especially if he has run a virus scan on his system and nothing has turned up. And as you say if they can get a password from a phone they can use it on a compu
Phones are definitely a concern. I think getting a second account and just having a small bit of money in that for use if you are say using BF from your mobile for a few bets during a day at the races is probably a sensible thing to be doing.
Phones are definitely a concern. I think getting a second account and just having a small bit of money in that for use if you are say using BF from your mobile for a few bets during a day at the races is probably a sensible thing to be doing.
Are keylogging viruses just spread randomly? And once you're infected, how likely is it that a hacker will actually "keylog". Or is everything automatically keylogged and they just take a closer look when it seems there's something worth pursuing.
Any hackers out there care to share their thoughts.
Are keylogging viruses just spread randomly? And once you're infected, how likely is it that a hacker will actually "keylog". Or is everything automatically keylogged and they just take a closer look when it seems there's something worth pursuing.Any
It appears that the company who provide DNS services to betfair has been hacked. This means that a malicious user has been able to point the name 'www.betfair.com' to one of their own servers, presenting a splash page. The Betfair site (infrastructure) itself is unaffected, but until we can correct this DNS issue at the network provider's side, some of our users will experience this redirection to the wrong page. We are working with them on this issue.
There appear to be several other companies affected (Dell, UPS) - those who use the same DNS provider. We don't have any reason to believe that this attack is targeted specifically at betfair, or that there is any reason for betfair customers to fear for the safety of their data. However, if you wish us to suspend your account temporarily at this time, we are able to do so.
We apologise for any inconvenience this may cause.
Whooopeee, any chance it'll make Betfair take security abit more seriously now someones redirected the whole site?
OK Betfair's security hasn't been breached but if the DNS had been directed to a false login page they'd probably be alot of people with empty accounts tomorrow. Things like using the selected letters of a memorable word like banks use would at least ensure it's a lot harder for people to access accounts if passwords are snatched by DNS redirection or phishing sites/emails etc
Service InterruptionBetfair Customer ServicesIt appears that the company who provide DNS services to betfair has been hacked. This means that a malicious user has been able to point the name 'www.betfair.com' to one of their own servers, presenting
- BF told me that the country restriction is still in place but you have to phone up and request it, no sure of the point of that
- I suggested you should be able to lock funds in your account with a separate password to your login but they brushed that off
- BF told me that the country restriction is still in place but you have to phone up and request it, no sure of the point of that- I suggested you should be able to lock funds in your account with a separate password to your login but they brushed th
Yes - come on Betfair - sort out the security improvements you promised us last year. It can't take that long to do it.
e.g. as per Ghetto, at least try to be a little more secure like your average bank and -
"Things like using the selected letters of a memorable word like banks use would at least ensure it's a lot harder for people to access accounts if passwords are snatched by DNS redirection or phishing sites/emails etc"
Yes - come on Betfair - sort out the security improvements you promised us last year. It can't take that long to do it.e.g. as per Ghetto, at least try to be a little more secure like your average bank and -"Things like using the selected letters of
From a layman's point of view, surely it is not much more of a leap from someone obtaining passwords for accounts (through key loggers or whatever) and the same person taking the extra step of obtaining a 3 digit card security code and being able to basically deposit any amount they want into the account?
I appreciate I have little expertise in this area so could be talking $hite, but that would be horrendous (not that the above scenario is in any way good)
From a layman's point of view, surely it is not much more of a leap from someone obtaining passwords for accounts (through key loggers or whatever) and the same person taking the extra step of obtaining a 3 digit card security code and being able to
Quite basic, but a separate password for banking transactions would surely substantially reduce the likelihood of fraud simply because a password used less frequently has less chances to be logged?? Or is that too simple.
Quite basic, but a separate password for banking transactions would surely substantially reduce the likelihood of fraud simply because a password used less frequently has less chances to be logged?? Or is that too simple.
Reading this thread ***Upset My Equilibrium*** to think they may be Russians in Romania and Romanians in Reyjakavic trying to hack Betfair accounts, just spent about an hour researching how to construct a very complicated password.
Reading this thread ***Upset My Equilibrium*** to think they may be Russians in Romania and Romanians in Reyjakavic trying to hack Betfair accounts, just spent about an hour researching how to construct a very complicated password.
Easy. Grab someone's data is very easy. Many people are asking for trouble just by downloading suspicious "Toys".
Really, very easy. Only what comes next? Lets just say I have someone's login and password but whatever I`ll do with the money - I'm easy to track down. So whats the point? Stealing money is hard job too.
Easy. Grab someone's data is very easy. Many people are asking for trouble just by downloading suspicious "Toys".Really, very easy. Only what comes next? Lets just say I have someone's login and password but whatever I`ll do with the money - I'm easy
Why can I get a security token for battle.net, to protect my virtual gold in games such as World of Warcraft and Diablo, but not for Betfair to protect my real money? It doesn't seem right.
Extra security could be annoying for some customers, but you don't have to offer the same level of security to all accounts, do you?
Please offer some optional extra security at least for customers who keep funds above some appropriate threshold. Many of those customers would welcome the hassle associated with extra security I'm sure.
If customers felt more confident in your security you might even gain a bit more interest from increased client funds, and a bit less costs associated with money transactions. And if you feel like you have to you could charge for the security token.
Why can I get a security token for battle.net, to protect my virtual gold in games such as World of Warcraft and Diablo, but not for Betfair to protect my real money? It doesn't seem right.Extra security could be annoying for some customers, but you
DonNo1 Joined: 11 Nov 10 Replies: 1194 05 Sep 11 00:20 - BF told me that the country restriction is still in place but you have to phone up and request it, no sure of the point of that
- I suggested you should be able to lock funds in your account with a separate password to your login but they brushed that off
I just phoned up and was told that the country restriction option is not available any more, due to the fact that your ISP could route your traffic abroad in certain circumstances and this used to cause Betfair problems when the country restriction option was available
DonNo1 Joined: 11 Nov 10Replies: 1194 05 Sep 11 00:20 - BF told me that the country restriction is still in place but you have to phone up and request it, no sure of the point of that- I suggested you should be able to lock funds in your account w
Quite agree Mr Anderson, plenty of kids games have more than one level of protection for their virtual cash, with Betfair the onus is on us to protect our accounts despite the fact they provide us with few real options to protect it.
Your security's only ever going to be secure as the weakest link and DNS redirections /phishing sites have been around for long enough for most companies to actively monitor changes. Imagine a bank being redirected they'd have had the site locked down as soon as it was discovered and contacted clients to inform them, with betfair it's business as usual and a message on a few sections of the forum that'll be gone in a day or two.
I can understand some of their reluctance to increase security due to making the site too complicated,lost passwords etc but considering the balances people hold on here, compared to normal bookies sites, optional security settings should really be offered to those who wish to use it.
Quite agree Mr Anderson, plenty of kids games have more than one level of protection for their virtual cash, with Betfair the onus is on us to protect our accounts despite the fact they provide us with few real options to protect it.Your security's o
Ok eddie, what they told me was 'The country restriction feature associated with customer accounts is only available to be amended by Betfair staff.' so I interpreted that as you could phone up and alter it but seemingly not then.
Is it still the case you can deposit entering a wrong security code, I remember years back someone making a thread about how he entered the wrong card code and the deposit when through...
Ok eddie, what they told me was 'The country restriction feature associated with customer accounts is only available to be amended by Betfair staff.' so I interpreted that as you could phone up and alter it but seemingly not then.Is it still the case
For those hoping that the recent hack would spring Betfair into action about security, they apparently are 'not reviewing security measures on the website.'
For those hoping that the recent hack would spring Betfair into action about security, they apparently are 'not reviewing security measures on the website.'